IT professionals may further protect the contents of their Windows 7 volumes with BitLocker, Microsoft's whole-disk encryption system. Windows Vista users have to repartition their hard drive to create the required hidden boot partition, but Windows 7 creates that partition automatically when BitLocker is enabled. In Windows Vista, IT professionals must use a unique recovery key for each protected volume. But Windows 7 extends the Data Recovery Agent (DRA) to include all encrypted volumes; as a result, only one encryption key is needed on any BitLocker-encrypted Windows machine.

BitLocker To Go is a new feature that lets users share BitLocker-protected files with users running Windows Vista and Windows XP. The BitLocker To Go desktop reader provides simple, read-only access to the protected files on non-BitLocker-protected systems. To unlock the protected files, the user must provide the appropriate password (or smart-card credentials).

Application Control

Windows 7 also introduces AppLocker , an enhancement to Group Policy settings that lets organizations specify which versions of which applications users have permission to run. For example, a rule might allow users to install Adobe Acrobat Reader version 9.0 or later, but it might block them from installing legacy versions without specific authorization. AppLocker contains a rule-generation wizard to make the process of creating policies much easier, and it includes automatic rule making for building a custom white list.

System Restore, first introduced in Windows ME, gets a much needed update in Windows 7. First, System Restore displays a list of specific files that will be removed or added at each restore point. Second, restore points are now available in backups, giving IT professionals and others a greater list of options over a longer period of time.

The Action Center is a new, integrated Control Panel feature that gives Windows 7 users a central spot for locating tasks and common notifications under a single icon. The Action Center includes alerts and configuration settings for several existing features, including the Security Center; Problem, Reports, and Solutions; Windows Defender; Windows Update; Diagnostics; Network Access Protection; Backup and Restore; Recovery; and User Account Control. Popup alerts are gone in Windows 7, replaced by a new task tray icon (a flag with an X) that provides streamlined access to the problem directly or to the Action Center for more information.

Perhaps the most famous and most annoying form of Windows Vista notification comes from the User Account Control (UAC) feature, which flashes administrative warnings whenever you need to configure a system setting. In Vista the choices are stark: Endure the messages, or turn off UAC. In Windows 7, you have additional options. A slider bar configures the appropriate notification level for your computer, and by default UAC will notify you only when programs try to make changes to your PC.